<?php
require_once realpath (dirname (__FILE__) . '//..//pages.php');
require_once CLASS_USER;
require_once INC_DEFINES;
require_once INC_FUNCTIONS;
require_once INC_MESSAGES;
require_once MDL_ACCOUNT;

checkSession ();

if (isset ($_SESSION['data'])) {
    $post = true;
    $data = array_merge ($_GET, $_SESSION['data']);
} else {
    $post = false;
    $data = $_GET;
}

/* getting user */
if (isset ($_SESSION[KEY_SESSION_USER])) {
    $user = unserialize ($_SESSION[KEY_SESSION_USER]);
} else {
    $user = null;
}

if (isset ($data['account'])) {
    $account = $data['account'];
    switch ($account) {
        case 'login' :
            if ($user && $user->isRegistered ()) {
                $msg = 'Hai gia effettuato il login!<a href="javascript: history.back();">Torna alla pagina precedente</a>';
                require_once VW_NOTIFY;
                exit ();
            } else {
                if ($post) {
                    if (isset ($data['username']) && isset ($data['password'])) {
                        if (login ($data['username'], $data['password'])) {
                            if (isset ($_SESSION['red'])) {
                                $url = HTTP_CTRL_MAIN . '?' . $_SESSION['red'];
                            } else {
                                $url = HTTP_CTRL_MAIN . '?request=view';
                            }
                            ?><meta http-equiv="refresh" content="0;url='<?php echo $url; ?>'" /><?php
                        } else {
                            $msg = 'Login fallito!';
                            require_once VW_NOTIFY;
                        }
                    } else {
                        $msg = 'username and/or password not set!';
                        require_once VW_NOTIFY;
                    }
                } else {
                    require_once VW_LOGIN;
                }
            }
            require_once VW_LOGIN;
            exit ();
            break;
    }
    if (!$user || !$user->isRegistered ()) {
        $msg = MSG_NOT_AUTHORIZED;
        require_once VW_NOTIFY;
        exit ();
    }
    switch ($account) {
        case 'backup':
            $db = openConnection();
            $msg = 'Backing up...';
            $db->backup();
            $msg .= "\nDone!\nLocation: " . realpath (DIR_BACKUPS) . "\n" . '<a href="javascript: history.back();">Go back</a>';
            notify($msg);
            exit ();
            break;
        case 'find':
            if (isset ($data['start']) && isset ($data['end'])) {
                $result = find($data['start'], $data['end']);
                $db = openConnection();
                $values = array ();
                while ($row = $db->fetchAssoc($result)) {
                    $values[] = $row['ID'];
                }
                $values = implode(',', $values);
                ?><meta http-equiv="refresh" content="0;url='<?php echo HTTP_CTRL_MAIN . "?values=$values"; ?>&request=view&table=intervento'" /><?php
            } else {
                require_once VW_FIND;
            }
            break;
        case 'generate_permissions':
            require_once MDL_PERMISSIONS;
            generatePermissions ();
            break;
        case 'assign':
            if (isset ($data['IDuser']) && isset ($data['model'])) {
                require_once MDL_PERMISSIONS;
                assign ($data['model'], $data['IDuser']);
            } else {
                $msg = 'User and/or model not set!';
                require_once VW_NOTIFY;
            }
            break;
        case 'pg_permissions':
            require_once VW_PERMISSIONS;
            break;
        case 'logout' :
            logout ();
            ?><meta http-equiv="refresh" content="0;url='<?php echo HTTP_CTRL_MAIN; ?>?account=login'" /><?php
            break;
    }
}
?>